General
-
Target
JaffaCakes118_40e35558a589d45369569c6bad51639e
-
Size
168KB
-
Sample
250127-smnmjsvjbz
-
MD5
40e35558a589d45369569c6bad51639e
-
SHA1
90b1ac707046d20312a5b5eccbfb446531ccf824
-
SHA256
0f0cbac834e75772b5f73d4df7bc9bac216b69715a20beb5c755a3209808ac82
-
SHA512
5500db16640af8f5017b3027c0d40a038d843a62efed667f0fcb43235ac86c32fcb43939a4cafe08cba3a18e17eef63dec5a42a4672a4d748961795287b5f74f
-
SSDEEP
3072:z9x66a+uVm3THhbB7Nu3oyaw+0NraoPbpdwPtMgyYbsbvdIsQXSH+1zvGEW:CxdVm3bXOd+0oqH8tltQH+B
Malware Config
Targets
-
-
Target
JaffaCakes118_40e35558a589d45369569c6bad51639e
-
Size
168KB
-
MD5
40e35558a589d45369569c6bad51639e
-
SHA1
90b1ac707046d20312a5b5eccbfb446531ccf824
-
SHA256
0f0cbac834e75772b5f73d4df7bc9bac216b69715a20beb5c755a3209808ac82
-
SHA512
5500db16640af8f5017b3027c0d40a038d843a62efed667f0fcb43235ac86c32fcb43939a4cafe08cba3a18e17eef63dec5a42a4672a4d748961795287b5f74f
-
SSDEEP
3072:z9x66a+uVm3THhbB7Nu3oyaw+0NraoPbpdwPtMgyYbsbvdIsQXSH+1zvGEW:CxdVm3bXOd+0oqH8tltQH+B
Score10/10-
Cycbot
Cycbot is a backdoor and trojan written in C++..
-
Cycbot family
-
Detects Cycbot payload
Cycbot is a backdoor and trojan written in C++.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-